The World’s Hottest New Vacation Destination

And by hottest, I mean radioactive hot. Forget the suntan lotion, bring a dosimeter.

Kiev Sees Chernobyl as Tourist Hot Spot

Ukraine’s government wants to turn Chernobyl, the site of the world’s worst nuclear accident, into a tourism hotspot.

Ukraine’s Emergency Situations Ministry said Monday it is working on a plan to open the area around the defunct plant—where a reactor exploded on April 26, 1986, spreading radiation across the then-Soviet states of Ukraine, Belarus and Russia—to visitors starting next month.

The ministry said radiation levels in certain parts of the so-called exclusion zone, which stretches 30 kilometers (19 miles) around the exploded reactor, were now returning to normal levels. Visitors will be able to take in views of the nuclear plant, as well as towns and villages that were abandoned in the disaster’s aftermath.

New official tour operators would have to meet strict criteria to be allowed to operate, said Yulia Yurshova, a spokesperson for the Emergency Situations Ministry, as straying from the route can be dangerous because of the threat of collapsing buildings and varying radiation levels.

“The Chernobyl zone isn’t as scary as the whole world thinks,” said Ms. Yurshova. “We want to work with big tour operators and attract Western tourists, from whom there’s great demand.”

See also:
Chernobyl: now open to tourists
Holiday in Chernobyl: Ukraine to lift restrictions on disaster site
Ukraine plans to open Chernobyl, site of massive nuclear disaster, open to tourists in 2011
Chernobyl to be ‘extreme’ tourism site
Ukraine to open Chernobyl zone to tourists
Tourists invited to holiday in Chernobyl
Chernobyl as tourist attraction
Ukraine’s newest tourist destination: Chernobyl
Chernobyl Accident
Chernobyl disaster

What’s not to like? There’s plenty of abandoned buildings and desolate landscape to see. It’s fun for the whole family, bring the kids! The souvenir shop is to die for.

/it’s bad enough that they’re going to let tourists into the exclusion zone to dose up on radiation, but just think of the poor tour guides that will have to go back in day after day to make a living

Powered By Microsoft Windows

With Bill Gates and crew protecting our ATMs with Windows, just thank God your bank accounts are insured by the FDIC up to $250,000.

ATM Vendor Halts Researcher’s Talk on Vulnerability

An ATM vendor has succeeded in getting a security talk pulled from the upcoming Black Hat conference after a researcher announced he would demonstrate a vulnerability in the system.

Barnaby Jack, a researcher with Juniper Networks, was to present a demonstration showing how he could “jackpot” a popular ATM brand by exploiting a vulnerability in its software.

Jack was scheduled to present his talk at the upcoming Black Hat security conference being held in Las Vegas at the end of July.

But on Monday evening, his employer released a statement saying it was canceling the talk due to the vendor’s intervention.

“Juniper believes that Jack’s research is important to be presented in a public forum in order to advance the state of security,” the statement read. “However, the affected ATM vendor has expressed to us concern about publicly disclosing the research findings before its constituents were fully protected. Considering the scope and possible exposure of this issue on other vendors, Juniper decided to postpone Jack’s presentation until all affected vendors have sufficiently addressed the issues found in his research.”

In the description of his talk on the conference web site, Jack wrote that, “The most prevalent attacks on Automated Teller Machines typically involve the use of card skimmers, or the physical theft of the machines themselves. Rarely do we see any targeted attacks on the underlying software. This presentation will retrace the steps I took to interface with, analyze, and find a vulnerability in a line of popular new model ATM’s. The presentation will explore both local and remote attack vectors, and finish with a live demonstration of an attack on an unmodified, stock ATM.”

Jack did not disclose the ATM brand or discuss whether the vulnerability was found in the ATM’s own software or in its underlying operating system. Diebold ATMs, one of the most popular brands, runs on a Windows operating system, as do some other brands of ATMs.

Diebold did not respond to a call for comment.

Earlier this year, Diebold released an urgent alert (.pdf) announcing that Russian hackers had installed malicious software on several of its Opteva model ATMs in Russia and Ukraine. A security researcher at SophosLabs uncovered three examples of Trojan horse programs designed to infect the ATMs and wrote a brief analysis of them. Last month another security research lab, Trustwave’s SpiderLabs, provided more in-depth analysis of malware used to attack 20 ATMs in Russia and Ukraine of various brands.

According to SpiderLabs, the attack required an insider, such as an ATM technician or anyone else with a key to the machine, to place the malware on the ATM. Once that was done, attackers could insert a control card into the machine’s card reader to trigger the malware and give them control of the machine through a custom interface and the ATM’s keypad.

The malware captured account numbers and PINs from the machine’s transaction application and then delivered it to the thief on a receipt printed from the machine in an encrypted format or to a storage device inserted in the card reader. A thief could also instruct the machine to eject whatever cash is inside the machine. A fully loaded ATM can hold up to $600,000.

It’s unclear if the talk Jack was scheduled to give addresses the same vulnerability and malware or a new kind of attack.

See also:
Juniper Nixes ATM Security Talk
ATM vendor gets security talk pulled from conferences
Researcher barred from demoing ATM security vuln
Jackpotting ATM Machines courtesy of the Jolly Roger
Barnaby Jack
Barnaby Jack
Embedded Problems
Exploiting Embedded Systems, Blackhat 2006 (Barnaby Jack)
Black Hat ® : The World’s Premier Technical Security Conference
Black Hat ® Technical Security Conference: USA 2009
Juniper Networks
SophosLabs
SpiderLabs — About Us — Trustwave
Diebold

Jackpotting ATMs, kind of like playing a slot machine where you win first time, every time and it pays out in twenties.

/all I can say is that I’m sure glad Barnaby Jack is one of the good guys

Follow

Get every new post delivered to your Inbox.

Join 26 other followers